From 11af802af31b69e8e478baae3ea6e5b5090bafaf Mon Sep 17 00:00:00 2001
From: Craig Jennings
Date: Tue, 21 Apr 2026 20:10:01 -0500
Subject: feat: PrivateTmp=yes drop-in for systemd-tmpfiles on ZFS-root
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

On ZFS-on-root, statx() across sibling services' /var/tmp/systemd-private-*/tmp mounts returns errno 132 (ENOTNAM). This produces 10-30 journal errors per boot and causes systemd-tmpfiles-clean.service to fail every periodic run (exit 73 / CANTCREAT). Running tmpfiles inside its own mount namespace avoids traversing sibling private-tmp paths. install_zfs() now calls configure_tmpfiles_private_tmp() between configure_zfs_tools and sync_efi_partitions, so the genesis snapshot captures the drop-ins. Btrfs path is untouched — errno 132 is ZFS-specific. The drop-in file-writing is factored into install_dropin() in lib/common.sh (service, name, root; body from stdin). Six bats tests exercise path, content, directory permissions, idempotent overwrite, empty content, and special-character preservation. Full root-cause write-up and verification steps in docs/zfs-tmpfiles-private-tmp-fix.md.
---
 installer/lib/common.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
(limited to 'installer/lib')
diff --git a/installer/lib/common.sh b/installer/lib/common.sh
index d181e0b..8193b19 100644
--- a/installer/lib/common.sh
+++ b/installer/lib/common.sh
@@ -222,6 +222,20 @@ disk_in_use() {
 return 1
 }
 
+# Install a systemd drop-in for $service under $root, reading its body
+# from stdin. Creates $root/etc/systemd/system/$service.service.d/ at
+# mode 755 (idempotent) and writes $dropin_name.conf there. Intended
+# for post-pacstrap customization — pass "/mnt" as root at install
+# time; tests pass a tempdir.
+install_dropin() {
+ local service="$1"
+ local dropin_name="$2"
+ local root="$3"
+ local dir="${root}/etc/systemd/system/${service}.service.d"
+ install -d -m 755 "$dir"
+ cat > "${dir}/${dropin_name}.conf"
+}
+
 # List available disks (not in use)
 list_available_disks() {
 local disks=()
-- 
cgit v1.2.3
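Review bot: In `install_dropin`, the directory mode is pinned with `install -d -m 755`, but the drop-in file is created by `cat >`, so its permissions depend on whatever umask the installer runs under. A unit drop-in that ends up group- or world-writable would let a non-root account change how a root-run service starts; writing it with `install -m 644 /dev/stdin "${dir}/${dropin_name}.conf"` pins the mode the same way the directory is pinned. Separately, an empty or missing third argument makes `$dir` resolve to `/etc/systemd/system/...` on the machine running the installer instead of the target root, so `local root="${3:?install_dropin: root is required}"` would abort rather than write there. `$service` and `$dropin_name` go into the path unchecked, which is fine while callers pass literals, but the header comment should say so, e.g. `# service and dropin_name must be plain names (no "/").`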